Security Software Gains Many Facets

Not too long ago, antivirus software and a firewall was all that was
needed to keep PCs safe from digital threats. But now, consumers apparently
need a bigger arsenal of security solutions to survive the onslaught of
scams and schemes they encounter online.

A recent flurry of releases this week demonstrates this trend – Microsoft’s Live OneCare, McAfee’s Falcon and Symantec’s Norton 360 – each boast features you might not expect to see in a security solution, such as
PC performance tune-ups, backup applications, file recovery, site sniffers
to flush out potential phishing schemes, anti “crimeware” applications and
behavior blockers intended to stop malware in its tracks.

“Consumers are looking for integrated solutions that help protect them
against a broad variety of threats,” said Amrit Williams, a research
director at Gartner Group . “So they want antivirus, anti-spyware, and firewall
capabilities in one package. Consumers also need solutions where the
maintenance and updating is provided as a service – they are notorious for
not updating their products in a timely fashion.”

Microsoft Windows Live OneCare
($49.95 per year), released on Wednesday, offers complete, “top-to-bottom
maintenance, support and performance optimization,” CEO and chief software
architect Bill Gates said yesterday in a statement when the product was
released.

OneCare offers antivirus protection, firewall, file backups, PC tune-ups
and free support. There’s no built-in protection against spyware, but
Microsoft’s anti-spyware application, now named Windows Defender, is
available as a separate free download. After installation it can easily be
integrated with the LiveCare package.

McAfee , in an apparent attempt to beat Microsoft to the punch, announced
that its forthcoming security application “Falcon,” due sometime this summer, will include what the company has described in press
releases as “breakthrough proactive threat watch” technologies. But when
asked to provide details on this technology, McAfee declined to comment.

Symantec’s next-generation security software, Norton 360, is expected to
ship in March of 2007, a slip from the original ship date of September 2006,
the company announced on Wednesday. The current plan is to offer a public
beta version of the product in July.

Norton 360 will integrate Symantec’s current security products with its
PC backup and optimization software, as well as new solutions based on
preventing online scams that can slip surreptitiously into computers.

“Attackers are focusing on profit rather than making a name for
themselves, and they are focused more on getting threats onto your system
quietly. They’re stealthier, and the malware embeds itself deeply into the
operating system. So it’s harder to remove,” said Oliver Friedrichs,
director of emerging technologies at Symantec Security Response.

“That’s in contrast to just three years ago when majority of threats were
fairly easy to see and remove. Today’s threats are unlikely to be seen and
you’re unlikely to notice the CPU spike when it’s become infected.”

Friedrichs said that one technique that can battle the sneakiest software
is “behavior blocking,” which detects specific prohibited behaviors, actions
not likely to be performed by an application that doesn’t have malicious
intent.

“For example, if I detect someone trying to hook the keyboard driver on
my computer, that’s not something that most applications will want to do.
But that’s exactly what a keylogger that wants to record all the information
I input into my computer wants to do. So you block that behavior.”

Friedrichs also said that Symantec will be releasing a new product, codenamed “Voyager,” later
this year that will provide protection against phishing attacks and
“crimeware” threats.

Symantec defines “crimeware” as software that is coded to steal
information from an infected computer, such as credit card and bank account
numbers, passwords, and other sensitive data.

While all of these new bundles will likely make PCs more secure by making
security simpler, bigger benefits would come if operating systems and
applications were more secure right out of the box, according to Gartner’s
Williams.

“Security needs to be built in and turned on by default. If you look at
things like wireless access, security is usually turned off by default or
configured so that it’s not safe. A next step is for wireless and other
devices to have security enabled by default,” Williams said.

Enterprises are moving in much the same direction as consumer products,
according to Mike Gibbons, vice president of federal
security services at Unisys.

“Technologies that aggregate security events across the enterprise are
becoming more and more critical,” said Gibbons.

“Companies should be maintaining the information in all of their devices,
servers, firewalls, intrusion detection, antivirus, etc. from a centrally
managed point of view.”

News Around the Web